CVE-2022-25198
A cross-site request forgery (CSRF) vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...
CVE-2022-25199
A missing permission check in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials...
Design/Logic Flaw
A missing permission check in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials...
Cross-site request forgery (CSRF)
A cross-site request forgery (CSRF) vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...
CVE-2022-25199
CVE-2022-25199: Jenkins SCP Publisher Plugin, versions 1.8 and earlier, lacks a permission check in a form-validation method. This enables attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials, and the flawed flow also enables ...
Mageia: Security Advisory (MGASA-2016-0207)
The remote host is missing an update for the ... SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Jenkins Publish Over SSH Plugin Cross-Site Request Forgery Vulnerability
Jenkins is an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Publish Over SSH Plugin version 1.22 and earlier contains a cross-site request forgery vulnerability that stems...
GHSA-FJPM-HF7C-XGC2 Stored XSS vulnerability in Jenkins Publish Over SSH Plugin
Jenkins Publish Over SSH Plugin 1.22 and earlier does not escape the SSH server name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission...
CVE-2022-23111
A cross-site request forgery (CSRF) vulnerability in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...
CVE-2022-23110
Jenkins Publish Over SSH Plugin 1.22 and earlier does not escape the SSH server name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission...
CVE-2022-23112
A missing permission check in Jenkins Publish Over SSH Plugin 1.22 and earlier allows attackers with Overall/Read access to connect to an attacker-specified SSH server using attacker-specified credentials...
Jenkins Plugin Security Vulnerability
Jenkins is an open source automation server that provides hundreds of plug-ins to support building, deploying and automating any project. Jenkins Publish Over SSH Plugin 1.22 and earlier versions contain an authorization vulnerability, the...
Jenkins Plugin Cross-Site Request Forgery Vulnerability
Jenkins is an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Publish Over SSH Plugin version 1.22 and earlier contains a cross-site request forgery vulnerability that stems...
Debian DLA-2860-1 : paramiko - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2860 advisory. - Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains an Incorrect Access Control vulnerability in SSH server that can result in RCE. This...
Debian DLA-2848-1 : libssh2 - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2848 advisory. Two issues have been discovered in libssh2, a client-side C library implementing the SSH2 protocol: CVE-2019-13115:...
Diffie-Hellman Ephemeral Key Exchange DoS Vulnerability (SSH, D(HE)ater)
The remote SSH server supports Diffie-Hellman ephemeral (DHE) key exchange (KEX) algorithms and thus could be prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the...
Unspecified vulnerability in tmate-ssh-server
Tmate-Ssh-Server is a Tmate Ssh server. tmate-ssh-server suffers from a security vulnerability that could be exploited by an attacker to compromise the integrity of session processing or to obtain read and write session IDs from read-only session symbolic links in this directory...